~ubuntu-branches/ubuntu/dapper/mplayer/dapper-security

Viewing all changes in revision 11.

  • Committer: Bazaar Package Importer
  • Author(s): William Grant
  • Date: 2007-12-02 22:10:39 UTC
  • Revision ID: james.westby@ubuntu.com-20071202221039-wpryghwmp3jf0w1g
Tags: 2:0.99+1.0pre7try2+cvs20060117-0ubuntu8.1
* SECURITY UPDATE: buffer overruns in CDDB (LP: #118855), DMO decoder
  (LP: #92968), RTSP handler (LP: #163291) and ASF decoder (LP: #163293).
* debian/patches/61_CVE-2006-1502.dpatch: Ensure that ASF index chunks are
  of a sane size. Patch from Mandriva.
* debian/patches/62_CVE-2006-6172.dpatch: Don't match too many ASM rules,
  lest we overrun the buffers. Patch provided by upstream.
* debian/patches/60_CVE-2007-1246.dpatch: Avoid buffer overrun in DMO
  decoder. Patch from upstream SVN.
* debian/patches/63_CVE-2007-2948.dpatch: Don't take strings of unlimited
  length from CDDB input. Patch from upstream SVN.
* References
  CVE-2006-1502
  CVE-2006-6172
  CVE-2007-1246
  CVE-2007-2948

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: